﻿Imports System.Data.SqlClient
Imports System.IO
Imports System.Data
Public Class newAdmin
    Inherits System.Web.UI.Page
    Dim con As New DBConnect
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        'connecting using httpS.
        If Not HttpContext.Current.Request.Url.AbsoluteUri.StartsWith("ht tp://localhost") Then
            If HttpContext.Current.Request.IsSecureConnection = False Then
                Dim url As String = HttpContext.Current.Request.Url.AbsoluteUri.Insert(4, "s")
                Response.Redirect(url)
            End If
        End If

        'check if user signed in if not going back to login page 
        If Not Session.Item("UserIn").Equals("yes") Then
            Response.Redirect("default.aspx")
        End If
        lblSuccess.Visible = False
        btnReload.Visible = False

        If Not (IsPostBack) Then
            Dim SqlConnectString As String = con.SqlConnectString
            Dim myConnection As New SqlConnection(SqlConnectString)
            Dim myCommand As New SqlCommand()
            ' Dim result As Integer
            myCommand.Connection = myConnection
            'Set the SQLCommand object's properties for executing a Stored Procedure
            myCommand.CommandType = CommandType.StoredProcedure
            myCommand.CommandText = "SelectAllDepartments"       'Name of the Stored Procedure to execute

            Try
                myConnection.Open()
                ddDepartments.DataSource = myCommand.ExecuteReader()
                ddDepartments.DataValueField = "departmentID"
                ddDepartments.DataTextField = "departmentName"

                ddDepartments.DataBind()

            Catch ex As Exception
                Throw ex
            Finally
                myConnection.Close()
                myConnection.Dispose()
            End Try
        End If

        If lblSuccess.Text = "" Then
            WarningContent_ValidationSummary.Visible = False
        End If
    End Sub

    Protected Sub btnAdd_Click(sender As Object, e As EventArgs) Handles btnAdd.Click
        Dim adminID As String = CStr(txtAccessNet.Text.Trim())
        Dim adminAccessLevel As Integer = CInt(AdminLevel.SelectedValue)
        Dim SqlConnectString As String = con.SqlConnectString
        Dim myConnection As New SqlConnection(SqlConnectString)
        Dim myCommand As New SqlCommand()
        Dim result As Integer
        Session("departmentIDa") = CInt(ddDepartments.SelectedValue)
        Session("email") = txtEmail.Text.Trim

        myConnection.Open()
        'define command and return value 
        myCommand.Connection = myConnection
        'Set the SQLCommand object's properties for executing a Stored Procedure
        myCommand.CommandType = CommandType.StoredProcedure
        myCommand.CommandText = "InsertAdmin"       'Name of the Stored Procedure to execute

        'Dim inputParameter As New SqlParameter("@tuID", CInt("1"))
        'inputParameter.Direction = ParameterDirection.Input

        Dim inputParameter1 As New SqlParameter("@accessNetID", adminID)
        inputParameter1.Direction = ParameterDirection.Input
        Dim inputParameter2 As New SqlParameter("@accessLevel", adminAccessLevel)
        inputParameter2.Direction = ParameterDirection.Input
        Dim inputParameter5 As New SqlParameter("@email", txtEmail.Text.Trim)
        inputParameter5.Direction = ParameterDirection.Input
        Dim returnParameter As New SqlParameter("@new_identity", 0)
        returnParameter.Direction = ParameterDirection.Output

        'myCommand.Parameters.Add(inputParameter)
        myCommand.Parameters.Add(inputParameter1)
        myCommand.Parameters.Add(inputParameter2)
        myCommand.Parameters.Add(inputParameter5)
        myCommand.Parameters.Add(returnParameter)

        Try
            myCommand.ExecuteScalar()
        Catch ex As Exception
            MsgBox(ex.Message)
        End Try

        result = CInt(myCommand.Parameters("@new_identity").Value)
        myConnection.Close()
        myCommand.Dispose()
        adminAssigningToDepartment()

        'if everything went well display success message 
        If result > 0 Then
            lblSuccess.Text = "Administrator has been added to the system press refresh button to add another Administrator"
            lblSuccess.Visible = True
            btnReload.Visible = True
            WarningContent_ValidationSummary.Visible = True
        Else
            lblSuccess.Text = "Administrator with this ID is already in the System press refresh and try another ID"
            lblSuccess.Visible = True
            btnReload.Visible = True
            WarningContent_ValidationSummary.Visible = True
        End If
    End Sub
    Protected Sub adminAssigningToDepartment()
        Dim depID As Integer = CInt(Session.Item("departmentIDa"))
        Dim email As String = CStr(Session.Item("email"))

        Dim SqlConnectString As String = con.SqlConnectString
        Dim myConnection As New SqlConnection(SqlConnectString)
        Dim myCommand As New SqlCommand()

     
        myConnection.Open()
        'define command and return value 
        myCommand.Connection = myConnection
        'Set the SQLCommand object's properties for executing a Stored Procedure
        myCommand.CommandType = CommandType.StoredProcedure
        myCommand.CommandText = "AddDepartmentsAdmin"       'Name of the Stored Procedure to execute
        
        Dim inputParameter As New SqlParameter("@departmentID", depID)
        inputParameter.Direction = ParameterDirection.Input

        Dim inputParameter1 As New SqlParameter("@accessNetID", email)
        inputParameter1.Direction = ParameterDirection.Input

        myCommand.Parameters.Add(inputParameter)
        myCommand.Parameters.Add(inputParameter1)

        Try
            myCommand.ExecuteScalar()
        Catch ex As Exception
            MsgBox(ex.Message)
        End Try

        myConnection.Close()
        myCommand.Dispose()
     
    End Sub


    Protected Sub btnReload_Click(sender As Object, e As EventArgs) Handles btnReload.Click
        Response.Redirect("AdminControl.aspx")
    End Sub
End Class